Description of Duties

Would you like to build the security operations function behind Grafana's open source software stack and Grafana Cloud? Would you like to create a meaningfully useful SecOps capability on top of the Grafana stack, available to any Grafana user? Would you like to grow a SecOps team from a beautiful acorn to a collaborative, transparent and highly capable 24x7 unit? Do you want to build great tools, then open source them to the community?

We are bootstrapping this function, so this is initially a blended people and technical management position with an expectation of an appropriate blend of hands-on and leadership responsibilities. As the team scales out this role will evolve into more of a leadership-focussed role. This is a 100% remote role reporting to the CISO, alongside the leads for Security Engineering and Security Assurance. Whilst there may be some on-call requirements, we intend to hire geographically dispersed SOC analysts in H2 to begin fleshing out an on-call rota.

We have a blogpost out covering the value behind the kind of team we'd like to build. Check it out here.

Key Responsibilities

Lead the creation of a Security Operations function and associated tooling and process at Grafana
Build and lead the Security Operations team from initiation, through 24x7 on-call to 24x7 live coverage (hiring, performance management, etc)
Act as a point of escalation and trusted stakeholder during security incident response
Bring your experience, help shape Grafana's overall security strategy and execution
Liaising with R&D and IT teams to ensure appropriate instrumentation, logging and
Creating and leading an incident training & exercising framework
Lots of purple team things, including input into our nascent business-wide red team practice
Lead the initial forays into building a right-sized security operations capability on the Grafana stack, then open-sourcing all our work
Internal and external thought leadership around security operations, detection & response, threat hunting, etc

An ideal candidate might possess:

5+ years of experience working in a security engineering or security operations role, ideally in DevOps Cloud-native organizations
Of that, 2+ years of management or team leader experience
Experience with operating in, instrumenting and supporting SecOps on AWS/GCP/Azure and containerised environments (e.g., AWS ECS, containerd, k8s, etc)
Experience with both open and closed source SecOps tooling and capabilities
Solid practical cyber incident management / CSIRT experience
Experience growing and mentoring SOC analysts and engineers
Experience managing geographically dispersed and follow-the-sun SecOps teams
If you've also got opinions about digital forensics, great!

What you'll bring to the role

A continual bias to action and ongoing sense of curiosity
A commitment to autonomy - both in yourself and supporting this in others
Very strong communication and project management skills and an appetite for evangelism
Passionate about mentoring and growing talent, empathic management practices and building a healthy workplace
A passion for knowledge sharing and education, bringing everyone else up to your level
Fantastic and proven communication, collaboration and stakeholder management skills
An interest in Grafana's stack and a desire to contribute to our open source foundations - We love dogfooding and giving back!

About Grafana Labs: There are more than 900,000 active installations of Grafana around the globe, monitoring everything from beehives to climate change in the Alps. The instantly recognizable dashboards have been spotted everywhere from a SpaceX launch and Minecraft HQ to Wimbledon and the Tour de France. Grafana Labs also helps companies including Bloomberg, JPMorgan Chase, and eBay manage their observability strategies with full-stack offerings that can be run fully managed with Grafana Cloud, or self-managed with Grafana Enterprise Stack. The Grafana stack has grown to include three other open-source projects, Grafana Loki (for logs), Grafana Mimir (for metrics), and Grafana Tempo (for traces).

Benefits: For more information about the perks and benefits of working at Grafana, please check out our careers page.

A note about covid-19: All Grafanistas who wish to attend in-person events or travel for Grafana Labs must be fully-vaccinated.

Equal Opportunity Employer: At Grafana Labs we're building a company where a diverse mix of talented people want to come, stay, and do their best work. We know that our company runs on the hard work and the dedication of our passionate and creative employees.

We will recruit, train, compensate and promote regardless of race, religion, colour, national origin, gender, disability, age, veteran status, and all the other fascinating characteristics that make us different and unique. We believe that equality and diversity builds a strong organisation and we're working hard to make sure that's the foundation of our organisation as we grow.

For information about how your personal data is used once you've applied to a job, check out our privacy policy.

Summary
Company name: Grafana Labs
Remote job title: Security Operations Manager
Job tags: Kubernetes, EMEA, Cloud Native